General

  • Target

    74ad2a9b9cc22e380d665199c9017c7d2e0f14c87b26797040d1d25293d1f7a8

  • Size

    7.9MB

  • MD5

    607fe6fb23fb3dd538f06f7dd832e753

  • SHA1

    1f3f0c36a1942c441919626ada89e78b284b02ea

  • SHA256

    74ad2a9b9cc22e380d665199c9017c7d2e0f14c87b26797040d1d25293d1f7a8

  • SHA512

    2b54271af99d5d99eea468126c0e84244d8d3c44848618ffc387cf3b64a9157d301bea5deab4492c91fc8ebf77a6aa00333a3fba4fdd4fecff434c538bc3a08e

  • SSDEEP

    196608:VXrSKYRlov3RroVqVU73Tj10Md4XrSKYqcWbcVUs3PXD3ukJwL14A:B+rKBro/G+EhMrPT3TuLKA

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 2 IoCs

    Detects file using ACProtect software.

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

Files

  • 74ad2a9b9cc22e380d665199c9017c7d2e0f14c87b26797040d1d25293d1f7a8
    .zip
  • 多功能CFer-1.2/WindowsFormsAutoCFer.exe
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • 多功能CFer-1.2/libs/cfer.dll
    .dll regsvr32 windows:4 windows x86



  • 多功能CFer-1.2/libs/cferReg.dll
    .dll windows:4 windows x86

    a6401b477c5abcd084d69b0577575fd8



  • 多功能CFer-1.2/resources/关闭.bmp
  • 多功能CFer-1.2/resources/准备.bmp
  • 多功能CFer-1.2/resources/加入游戏.bmp
  • 多功能CFer-1.2/resources/奖励确认.bmp
  • 多功能CFer-1.2/resources/开始游戏.bmp
  • 多功能CFer-1.2/resources/房主确认.bmp
  • 多功能CFer-1.2/resources/新版结算确认.bmp
  • 多功能CFer-1.2/resources/结算确定.bmp
  • 多功能CFer-1.2/resources/结算确认.bmp
  • 多功能CFer-1.2/resources/荣誉提升.bmp
  • 多功能CFer-1.2/更新日志-2023-7-16.txt
  • 多功能CFer-1.2/软件协议.txt
  • 跑商的CFer-1.27/AppCarmi.txt
  • 跑商的CFer-1.27/AppChallengeCFer.exe
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • 跑商的CFer-1.27/AppSetting.config
    .xml
  • 跑商的CFer-1.27/libs/cfer.dll
    .dll regsvr32 windows:4 windows x86



  • 跑商的CFer-1.27/libs/cferReg.dll
    .dll windows:4 windows x86

    a6401b477c5abcd084d69b0577575fd8



  • 跑商的CFer-1.27/resources/100_启动.bmp
  • 跑商的CFer-1.27/resources/100_确定.bmp
  • 跑商的CFer-1.27/resources/101.bmp
  • 跑商的CFer-1.27/resources/101_启动.bmp
  • 跑商的CFer-1.27/resources/102.bmp
  • 跑商的CFer-1.27/resources/103.bmp
  • 跑商的CFer-1.27/resources/104.bmp
  • 跑商的CFer-1.27/resources/105.bmp
  • 跑商的CFer-1.27/resources/106.bmp
  • 跑商的CFer-1.27/resources/107.bmp
  • 跑商的CFer-1.27/resources/200.bmp
  • 跑商的CFer-1.27/resources/200_1.bmp
  • 跑商的CFer-1.27/resources/200_2.bmp
  • 跑商的CFer-1.27/resources/200_3.bmp
  • 跑商的CFer-1.27/resources/201.bmp
  • 跑商的CFer-1.27/resources/202.bmp
  • 跑商的CFer-1.27/resources/203.bmp
  • 跑商的CFer-1.27/resources/204.bmp
  • 跑商的CFer-1.27/resources/205.bmp
  • 跑商的CFer-1.27/resources/206.bmp
  • 跑商的CFer-1.27/resources/300.bmp
  • 跑商的CFer-1.27/resources/301.bmp
  • 跑商的CFer-1.27/resources/302.bmp
  • 跑商的CFer-1.27/resources/303.bmp
  • 跑商的CFer-1.27/resources/400.bmp
  • 跑商的CFer-1.27/resources/401.bmp
  • 跑商的CFer-1.27/resources/402.bmp
  • 跑商的CFer-1.27/resources/403.bmp
  • 跑商的CFer-1.27/resources/404.bmp
  • 跑商的CFer-1.27/resources/ShiLianDao.txt
  • 跑商的CFer-1.27/resources/准备.bmp
  • 跑商的CFer-1.27/resources/切换模式.bmp
  • 跑商的CFer-1.27/resources/创建房间.bmp
  • 跑商的CFer-1.27/resources/加入游戏.bmp
  • 跑商的CFer-1.27/resources/匹配.bmp
  • 跑商的CFer-1.27/resources/叉号.bmp
  • 跑商的CFer-1.27/resources/开始游戏.bmp
  • 跑商的CFer-1.27/resources/快速加入0.bmp
  • 跑商的CFer-1.27/resources/快速加入1.bmp
  • 跑商的CFer-1.27/resources/房主确认.bmp
  • 跑商的CFer-1.27/resources/挑战模式.bmp
  • 跑商的CFer-1.27/resources/挑战模式选中.bmp
  • 跑商的CFer-1.27/resources/掉线确认.bmp
  • 跑商的CFer-1.27/resources/掉线确认1.bmp
  • 跑商的CFer-1.27/resources/新版结算确认.bmp
  • 跑商的CFer-1.27/resources/检测确定.bmp
  • 跑商的CFer-1.27/resources/死亡.bmp
  • 跑商的CFer-1.27/resources/登录.bmp
  • 跑商的CFer-1.27/resources/确认按下.bmp
  • 跑商的CFer-1.27/resources/结算确定.bmp
  • 跑商的CFer-1.27/resources/结算确认.bmp
  • 跑商的CFer-1.27/resources/缩小.bmp
  • 跑商的CFer-1.27/resources/荣誉提升.bmp
  • 跑商的CFer-1.27/resources/试炼岛逆袭.bmp
  • 跑商的CFer-1.27/resources/连接失败确认.bmp
  • 跑商的CFer-1.27/常见问题汇总.txt
  • 跑商的CFer-1.27/必须添加白名单信任/电脑管家001.png
    .png
  • 跑商的CFer-1.27/必须添加白名单信任/电脑管家002.png
    .png
  • 跑商的CFer-1.27/必须添加白名单信任/电脑管家003.png
    .png
  • 跑商的CFer-1.27/必须添加白名单信任/通用问题截图.png
    .png
  • 跑商的CFer-1.27/更新日志-2023-8-6.txt
  • 跑商的CFer-1.27/电脑跟游戏设置示意图/WeGame设置示意图.bmp
  • 跑商的CFer-1.27/电脑跟游戏设置示意图/必须清空背包示意图.bmp
  • 跑商的CFer-1.27/电脑跟游戏设置示意图/游戏控制设置示意图.bmp
    .png
  • 跑商的CFer-1.27/电脑跟游戏设置示意图/游戏设置无边框的窗口示意图.bmp
  • 跑商的CFer-1.27/电脑跟游戏设置示意图/游戏设置窗口示意图.bmp
  • 跑商的CFer-1.27/电脑跟游戏设置示意图/电脑显卡设置示意图.png
    .png
  • 跑商的CFer-1.27/电脑跟游戏设置示意图/电脑设置示意图.bmp
  • 跑商的CFer-1.27/跑商点位示意图.png
    .png
  • 跑商的CFer-1.27/软件协议.txt